I was hacked

  • Per the welcome post, I read through all other post’s that seem to relate to my situation. It was brought to my attention that something was on my husbands website that did not belong. Under his website name and logo were the words Kinky A%$l F*&k. The link went to a page that said page not found (or something like that). Per what I read in this forum, I installed wordfence. I ran a scan, got notification of two items that could be malware. I then deleted those items. Now my entire site is gone. Blank page.

    How do I fix this? Everything that I have added (pages and whatnot) are still showing in the dashboard, but typing in the actual site comes up blank.

    Any help would be much appreciated.

Viewing 11 replies - 1 through 11 (of 11 total)

  • Do you have any idea what files you deleted?

    Thread Starter flexxxstrops

    (@flexxxstrops)

    * File appears to be malicious: wp-content/themes/customizr/functions.php
    * File appears to be malicious: wp-includes/images/wlw/widgets.php

    Is customizr your active theme? If yes do you have any custom changes to core files in the theme?

    Thread Starter flexxxstrops

    (@flexxxstrops)

    It is, and I am not sure what that means. I haven’t made changes to anything since last October, and then just what I did today. The scan did tell me critical to update, so I updated. Could that have been the problem?

    Look at Appearance > Theme Options and look for any custom CSS or if there is an option to export features. The export allows you to back up your theme options. If you find custom css make a copy of it. If there is an export option for the theme, export it.

    Then delete customizr and add it back from the WordPress theme repo. When you get your theme reloaded, the options set or imported and css added back if there was any, the front end of your site should work.

    Your site was and may still be hacked. But replacing the theme is a step toward repairing it. Follow this guide.

    When you’re done, you may want to implement some (if not all) of the recommended security measures.

    If you have questions, come back here. There will be folks to help you.

    Thread Starter flexxxstrops

    (@flexxxstrops)

    There is nothing. I select appearance and it just shows all the themes. There is no theme options.
    Thank you for all of your guidance.

    Thread Starter flexxxstrops

    (@flexxxstrops)

    I think I may have fixed it. https://www.flexxxstrops.com
    When I view it while logged into wordpress, it does not show me the hacked link (it did not previously either). Looking at it from my mobile no longer shows the obscene words that were a link.

    You are welcome. You will quickly get your husband’s site back in shape. Be sure to come here back if you need help.

    Thread Starter flexxxstrops

    (@flexxxstrops)

    Thank you again for all of your help

    You have a very nice site. Keep everything up to date and watch Wordfence for issues. Malware files may be all bad, like the widgets.php file you found. But the functions.php file just had malware added to it. Your site needed it to run your theme.

    If this should happen again choose the fix or restore to repo option. And if it says it’s not a core file, it’s still good to download a copy of the file to your PC in case you want to put it back.

    Enjoy your site.

    Your page looks very different from the last time I saw it. Do you need to come back to the forum for more help?

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘I was hacked’ is closed to new replies.